Message ID | 20220523121450.2619221-1-ross.burton@arm.com |
---|---|
State | Accepted, archived |
Commit | 49e93892a37d1a2af2b0a155117441e978385e4c |
Headers | show |
Series | tiff: mark CVE-2022-1622 and CVE-2022-1623 as invalid | expand |
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 9c9108a6afd..c5e964ec8c1 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -28,6 +28,9 @@ UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar" # Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 # and 4.3.0 doesn't have the issue CVE_CHECK_IGNORE += "CVE-2015-7313" +# These issues only affect libtiff post-4.3.0 but before 4.4.0, +# caused by 3079627e and fixed by b4e79bfa. +CVE_CHECK_IGNORE += "CVE-2022-1622 CVE-2022-1623" inherit autotools multilib_header
These issues only affect libtiff post-4.3.0 but before 4.4.0, caused by 3079627e and fixed by b4e79bfa. Signed-off-by: Ross Burton <ross.burton@arm.com> --- meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 3 +++ 1 file changed, 3 insertions(+)